An Error Occurred When Checking For Live Patch Updates
Getting this message on LivePatch "An Error Occurred When Checking For Live Patch Updates" i have watched video, followed the links, changed tokens, disable and enabling it again. Refreshing snaps, sudo apt update&&upgrade -ing in terminal still there is a shield icon with a red dot in upper corner...I am using 18.04.2 LTS . Here is a text in the ERROR "Canonical Livepatch has experienced an internal error. Please refer to https:/
Whitch leads to no solution. Could someone help me a little?
Question information
- Language:
- English Edit question
- Status:
- Answered
- For:
- Ubuntu Edit question
- Assignee:
- No assignee Edit question
- Last query:
- Last reply:
Revision history for this message
|
#1 |
What is the full output of:
sudo apt-get update
sudo apt-get upgrade
Thanks
Revision history for this message
|
#2 |
I have the same issue as described above. And there is the same shield icon with a red dot in the upper right corner of the screen. As requested, here is the output of the above terminal commands:
:~$ sudo apt-get update
[sudo] password for swarup:
Hit:1 http://
Hit:2 http://
Hit:3 http://
Get:4 http://
Get:5 http://
Get:6 http://
Get:7 http://
Hit:8 http://
Get:9 http://
Get:10 http://
Get:11 http://
Get:12 http://
Get:13 http://
Get:14 http://
Get:15 http://
Get:16 http://
Get:17 http://
Get:18 http://
Get:19 http://
Get:20 http://
Get:21 http://
Get:22 http://
Get:23 http://
Get:24 http://
Get:25 http://
Get:26 http://
Get:27 http://
Get:28 http://
Fetched 64.1 MB in 24s (2,653 kB/s)
Reading package lists... Done
swarup@Baba:~$ sudo apt-get upgrade
Reading package lists... Done
Building dependency tree
Reading state information... Done
Calculating upgrade... Done
The following packages were automatically installed and are no longer required:
ethtool lib32gcc1 libc6-i386 libcuda1-340 libxnvctrl0 nvidia-settings
pkg-config screen-
Use 'sudo apt autoremove' to remove them.
The following packages have been kept back:
linux-generic linux-generic-
linux-
linux-
The following packages will be upgraded:
gedit gedit-common gnome-shell gnome-shell-common libnss-myhostname
libnss-systemd libpam-systemd libpython2.7 libpython2.
libpython2.
libruby2.5 libssl1.1 libssl1.1:i386 libsystemd0 libsystemd0:i386 libudev1
libudev1:i386 linux-libc-dev linux-signed-
python2.7 python2.7-minimal python3.6 python3.6-minimal ruby2.5 systemd
systemd-sysv udev
31 upgraded, 0 newly installed, 0 to remove and 6 not upgraded.
Need to get 23.8 MB of archives.
After this operation, 266 kB of additional disk space will be used.
Do you want to continue? [Y/n] y
Get:1 http://
Get:2 http://
Get:3 http://
Get:4 http://
Get:5 http://
Get:6 http://
Get:7 http://
Get:8 http://
Get:9 http://
Get:10 http://
Get:11 http://
Get:12 http://
Get:13 http://
Get:14 http://
Get:15 http://
Get:16 http://
Get:17 http://
Get:18 http://
Get:19 http://
Get:20 http://
Get:21 http://
Get:22 http://
Get:23 http://
Get:24 http://
Get:25 http://
Get:26 http://
Get:27 http://
Get:28 http://
Get:29 http://
Get:30 http://
Get:31 http://
Fetched 23.8 MB in 4s (6,794 kB/s)
Extracting templates from packages: 100%
Preconfiguring packages ...
(Reading database ... 233716 files and directories currently installed.)
Preparing to unpack .../libnss-
Unpacking libnss-
Preparing to unpack .../libudev1_
De-configuring libudev1:amd64 (237-3ubuntu10.21) ...
Unpacking libudev1:i386 (237-3ubuntu10.22) over (237-3ubuntu10.21) ...
Preparing to unpack .../libudev1_
Unpacking libudev1:amd64 (237-3ubuntu10.22) over (237-3ubuntu10.21) ...
Setting up libudev1:amd64 (237-3ubuntu10.22) ...
Setting up libudev1:i386 (237-3ubuntu10.22) ...
(Reading database ... 233716 files and directories currently installed.)
Preparing to unpack .../0-udev_
Unpacking udev (237-3ubuntu10.22) over (237-3ubuntu10.21) ...
Preparing to unpack .../1-libnss-
Unpacking libnss-
Preparing to unpack .../2-libpam-
Unpacking libpam-
Preparing to unpack .../3-systemd_
Unpacking systemd (237-3ubuntu10.22) over (237-3ubuntu10.21) ...
Preparing to unpack .../4-libsystem
De-configuring libsystemd0:i386 (237-3ubuntu10.21) ...
Unpacking libsystemd0:amd64 (237-3ubuntu10.22) over (237-3ubuntu10.21) ...
Preparing to unpack .../5-libsystem
Unpacking libsystemd0:i386 (237-3ubuntu10.22) over (237-3ubuntu10.21) ...
Setting up libsystemd0:amd64 (237-3ubuntu10.22) ...
Setting up libsystemd0:i386 (237-3ubuntu10.22) ...
Setting up systemd (237-3ubuntu10.22) ...
(Reading database ... 233716 files and directories currently installed.)
Preparing to unpack .../00-
Unpacking systemd-sysv (237-3ubuntu10.22) over (237-3ubuntu10.21) ...
Preparing to unpack .../01-
Unpacking libpython3.6:amd64 (3.6.8-1~18.04.1) over (3.6.7-1~18.04) ...
Preparing to unpack .../02-
De-configuring libssl1.1:i386 (1.1.1-
Unpacking libssl1.1:amd64 (1.1.1-
Preparing to unpack .../03-
Unpacking libssl1.1:i386 (1.1.1-
Preparing to unpack .../04-
Unpacking python3.6 (3.6.8-1~18.04.1) over (3.6.7-1~18.04) ...
Preparing to unpack .../05-
Unpacking python3.6-minimal (3.6.8-1~18.04.1) over (3.6.7-1~18.04) ...
Preparing to unpack .../06-
Unpacking libpython3.
Preparing to unpack .../07-
Unpacking libpython3.
Preparing to unpack .../08-
Unpacking libpython2.7:amd64 (2.7.15-
Preparing to unpack .../09-
Unpacking python2.7 (2.7.15-
Preparing to unpack .../10-
Unpacking libpython2.
Preparing to unpack .../11-
Unpacking python2.7-minimal (2.7.15-
Preparing to unpack .../12-
Unpacking libpython2.
Preparing to unpack .../13-
Unpacking openssl (1.1.1-
Preparing to unpack .../14-
Unpacking gedit-common (3.28.1-1ubuntu1.2) over (3.28.1-1ubuntu1.1) ...
Preparing to unpack .../15-
Unpacking gedit (3.28.1-1ubuntu1.2) over (3.28.1-1ubuntu1.1) ...
Preparing to unpack .../16-
Unpacking gnome-shell (3.28.4-
Preparing to unpack .../17-
Unpacking gnome-shell-common (3.28.4-
Preparing to unpack .../18-
Unpacking libruby2.5:amd64 (2.5.1-1ubuntu1.4) over (2.5.1-1ubuntu1.2) ...
Preparing to unpack .../19-
Unpacking linux-libc-
Preparing to unpack .../20-
Unpacking linux-signed-
Preparing to unpack .../21-
Unpacking ruby2.5 (2.5.1-1ubuntu1.4) over (2.5.1-1ubuntu1.2) ...
Setting up libnss-
Processing triggers for mime-support (3.60ubuntu1) ...
Processing triggers for ureadahead (0.100.0-21) ...
ureadahead will be reprofiled on next reboot
Setting up libnss-
Processing triggers for desktop-file-utils (0.23-1ubuntu3.
Setting up systemd-sysv (237-3ubuntu10.22) ...
Processing triggers for libglib2.0-0:amd64 (2.56.4-
Processing triggers for libglib2.0-0:i386 (2.56.4-
Setting up linux-libc-
Setting up linux-signed-
Setting up gnome-shell-common (3.28.4-
Processing triggers for libc-bin (2.27-3ubuntu1) ...
Setting up udev (237-3ubuntu10.22) ...
update-initramfs: deferring update (trigger activated)
Setting up libssl1.1:amd64 (1.1.1-
Checking for services that may need to be restarted...done.
Checking for services that may need to be restarted...done.
Setting up libssl1.1:i386 (1.1.1-
Checking for services that may need to be restarted...done.
Checking for services that may need to be restarted...done.
Setting up gedit-common (3.28.1-1ubuntu1.2) ...
Setting up openssl (1.1.1-
Installing new version of config file /etc/ssl/
Processing triggers for man-db (2.8.3-2ubuntu0.1) ...
Processing triggers for gnome-menus (3.13.3-
Processing triggers for dbus (1.12.2-1ubuntu1.1) ...
Setting up libpython2.
Processing triggers for hicolor-icon-theme (0.17-2) ...
Setting up libpython2.
Setting up python2.7-minimal (2.7.15-
Setting up libruby2.5:amd64 (2.5.1-1ubuntu1.4) ...
Setting up libpam-
Setting up python2.7 (2.7.15-
Setting up gnome-shell (3.28.4-
Setting up libpython3.
Setting up libpython2.7:amd64 (2.7.15-
Setting up libpython3.
Setting up ruby2.5 (2.5.1-1ubuntu1.4) ...
Setting up python3.6-minimal (3.6.8-1~18.04.1) ...
Setting up libpython3.6:amd64 (3.6.8-1~18.04.1) ...
Setting up python3.6 (3.6.8-1~18.04.1) ...
Setting up gedit (3.28.1-1ubuntu1.2) ...
Processing triggers for initramfs-tools (0.130ubuntu3.8) ...
update-initramfs: Generating /boot/initrd.
Processing triggers for libc-bin (2.27-3ubuntu1) ...
:~$
Revision history for this message
|
#3 |
OK. Is there an issue still?
Revision history for this message
|
#4 |
Well, I restarted the computer after that, and there is still the same shield icon with a red dot in the upper right corner of the screen. When I click on that, I still get the same message: "Canonical Livepatch has experienced an internal error. Please refer to https:/
Revision history for this message
|
#5 |
Update: The red dot on the shield is now gone, and in its place there is a green one. So it seems all is well.
Is there a way to remove the shield icon though? I really don't need it. Thank you!
Revision history for this message
|
#6 |
Can you please give a screenshot. You will need to use a Web hosting service to make a URL of the image (or find a similar one online)
Revision history for this message
|
#7 |
You can see it here:
https:/
Revision history for this message
|
#8 |
gsettings set com.ubuntu.
Source:
https:/
Revision history for this message
|
#9 |
Great job, thank you. Worked perfectly.
Revision history for this message
|
#10 |
I don't use desktop Linux. I just searched the Web.....
Revision history for this message
|
#11 |
my issue still remains after update&&ugrade
andres@
[sudo] password for andres:
Ign:1 cdrom://Ubuntu 18.04 LTS _Bionic Beaver_ - Release amd64 (20180426) bionic InRelease
Err:2 cdrom://Ubuntu 18.04 LTS _Bionic Beaver_ - Release amd64 (20180426) bionic Release
Please use apt-cdrom to make this CD-ROM recognized by APT. apt-get update cannot be used to add new CD-ROMs
Ign:3 http://
Hit:4 http://
Hit:5 http://
Hit:6 http://
Hit:7 https:/
Ign:8 http://
Get:9 http://
Hit:10 http://
Get:11 http://
Hit:12 http://
Hit:13 http://
Hit:14 http://
Get:15 http://
Get:16 http://
Hit:17 https:/
Hit:18 http://
Get:19 http://
Hit:20 http://
Hit:21 http://
Hit:22 http://
Get:25 http://
Hit:24 https:/
Get:26 http://
Get:27 http://
Get:28 http://
Get:29 http://
Get:30 http://
Get:31 http://
Get:32 http://
Get:33 http://
Get:34 http://
Get:35 http://
Get:36 http://
Get:37 http://
Get:38 http://
Get:39 http://
Get:40 http://
Get:41 http://
Get:42 http://
Get:43 http://
Get:44 http://
Get:45 http://
Get:46 http://
Get:47 http://
Get:48 http://
Get:49 http://
Get:50 http://
Get:51 http://
Get:52 http://
Reading package lists... Done
E: The repository 'cdrom://Ubuntu 18.04 LTS _Bionic Beaver_ - Release amd64 (20180426) bionic Release' does not have a Release file.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.
N: Skipping acquire of configured file 'main/binary-
andres@
Reading package lists... Done
Building dependency tree
Reading state information... Done
Calculating upgrade... Done
The following packages were automatically installed and are no longer required:
linux-
linux-
Use 'sudo apt autoremove' to remove them.
The following packages will be upgraded:
evince evince-common libevdocument3-4 libevview3-3 libsqlite3-0
5 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
Need to get 1,210 kB of archives.
After this operation, 9,216 B of additional disk space will be used.
Do you want to continue? [Y/n] y
Get:1 http://
Get:2 http://
Get:3 http://
Get:4 http://
Get:5 http://
Fetched 1,210 kB in 0s (2,887 kB/s)
(Reading database ... 298835 files and directories currently installed.)
Preparing to unpack .../libsqlite3-
Unpacking libsqlite3-0:amd64 (3.22.0-1ubuntu0.1) over (3.22.0-1) ...
Preparing to unpack .../evince_
Unpacking evince (3.28.4-0ubuntu1.2) over (3.28.4-0ubuntu1.1) ...
Preparing to unpack .../libevdocume
Unpacking libevdocument3-
Preparing to unpack .../evince-
Unpacking evince-common (3.28.4-0ubuntu1.2) over (3.28.4-0ubuntu1.1) ...
Preparing to unpack .../libevview3-
Unpacking libevview3-3:amd64 (3.28.4-0ubuntu1.2) over (3.28.4-0ubuntu1.1) ...
Processing triggers for gconf2 (3.2.6-4ubuntu1) ...
Processing triggers for mime-support (3.60ubuntu1) ...
Processing triggers for desktop-file-utils (0.23-1ubuntu3.
Processing triggers for libglib2.0-0:amd64 (2.56.4-
Setting up libevdocument3-
Setting up evince-common (3.28.4-0ubuntu1.2) ...
Processing triggers for libc-bin (2.27-3ubuntu1) ...
Setting up libevview3-3:amd64 (3.28.4-0ubuntu1.2) ...
Setting up libsqlite3-0:amd64 (3.22.0-1ubuntu0.1) ...
Processing triggers for man-db (2.8.3-2ubuntu0.1) ...
Processing triggers for gnome-menus (3.13.3-
Processing triggers for hicolor-icon-theme (0.17-2) ...
Setting up evince (3.28.4-0ubuntu1.2) ...
Installing new version of config file /etc/apparmor.
Installing new version of config file /etc/apparmor.
Processing triggers for libc-bin (2.27-3ubuntu1) ...
andres@
any suggestions?
Revision history for this message
|
#12 |
Revision history for this message
|
#13 |
Remove the CD as a package source. You have the web
Revision history for this message
|
#14 |
[sudo] password for andres:
Ign:1 cdrom://Ubuntu 18.04 LTS _Bionic Beaver_ - Release amd64 (20180426) bionic InRelease
Err:2 cdrom://Ubuntu 18.04 LTS _Bionic Beaver_ - Release amd64 (20180426) bionic Release
Please use apt-cdrom to make this CD-ROM recognized by APT. apt-get update cannot be used to add new CD-ROMs
Ign:3 http://
Hit:4 http://
Hit:5 http://
Ign:6 http://
Hit:7 https:/
Hit:8 http://
Hit:9 http://
Hit:10 http://
Hit:11 http://
Hit:12 http://
Hit:13 https:/
Hit:14 http://
Hit:15 http://
Hit:16 http://
Hit:17 http://
Hit:18 http://
Hit:19 http://
Hit:20 http://
Hit:21 http://
Hit:22 https:/
Reading package lists... Done
E: The repository 'cdrom://Ubuntu 18.04 LTS _Bionic Beaver_ - Release amd64 (20180426) bionic Release' does not have a Release file.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.
N: Skipping acquire of configured file 'main/binary-
andres@
andres@
Hit:1 http://
Ign:2 http://
Hit:3 http://
Hit:4 http://
Hit:5 http://
Hit:6 http://
Ign:7 http://
Hit:8 https:/
Get:9 http://
Hit:10 http://
Hit:11 http://
Hit:12 http://
Hit:13 https:/
Hit:14 http://
Get:15 http://
Get:16 http://
Hit:17 http://
Hit:18 http://
Hit:19 http://
Hit:20 https:/
Fetched 252 kB in 5s (54.5 kB/s)
Reading package lists... Done
Building dependency tree
Reading state information... Done
All packages are up to date.
N: Skipping acquire of configured file 'main/binary-
andres@
Before refresh:
kernel: 4.15.0-
fully-patched: false
version: "42.1"
After refresh:
kernel: 4.15.0-
fully-patched: false
version: "42.1"
andres@
DONE!But the problem is still there...how did the guy before me got rid of it?I still don't get it
Revision history for this message
|
#15 |
@Andres Ounpuu:
You have to comment out the CD as possible repository source in your /etc/apt/
and you have to change the line for google earth from
deb http://
into
deb [arch=amd64] http://
(It is probably in /etc/apt/
Revision history for this message
|
#16 |
so i opted out on google-earth updates updates look clean now bu issue still remain
andres@
[sudo] password for andres:
Hit:1 http://
Hit:2 https:/
Hit:3 http://
Hit:4 http://
Hit:5 http://
Hit:6 http://
Hit:7 http://
Hit:8 http://
Hit:9 https:/
Get:10 http://
Hit:11 http://
Hit:12 http://
Hit:13 http://
Get:14 http://
Get:16 http://
Hit:15 https:/
Get:17 http://
Get:18 http://
Get:19 http://
Get:20 http://
Fetched 3,355 kB in 7s (496 kB/s)
Reading package lists... Done
Building dependency tree
Reading state information... Done
All packages are up to date.
andres@
Reading package lists... Done
Building dependency tree
Reading state information... Done
Calculating upgrade... Done
0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
andres@
also tried to turn on livepatch with "verbose" command and this is what i got
andres@
client-version: 9.4.1
machine-id: 540ab72cec1e486
machine-token: 41ce4dc6fd64494
architecture: x86_64
cpu-model: AMD A9-9420 RADEON R5, 5 COMPUTE CORES 2C+3G
last-check: 2019-06-
boot-time: 2019-06-
uptime: 15h16m54s
status:
- kernel: 4.15.0-
running: true
livepatch:
checkState: checked
patchState: apply-failed
version: "42.1"
fixes: |-
* CVE-2018-10323
The xfs_bmap_
the Linux kernel through 4.16.3 allows local users to cause a denial of
service (xfs_bmapi_write NULL pointer dereference) via a crafted xfs
image.
* CVE-2018-10840
Linux kernel is vulnerable to a heap-based buffer overflow in the
exploit this by operating on a mounted crafted ext4 image.
* CVE-2018-10881
A flaw was found in the Linux kernel's ext4 filesystem. A local user
can cause an out-of-bound access in ext4_get_group_info function, a
denial of service, and a system crash by mounting and operating on a
crafted ext4 filesystem image.
* CVE-2018-1092
The ext4_iget function in fs/ext4/inode.c in the Linux kernel through
4.15.15 mishandles the case of a root directory with a zero
crafted ext4 image." "Improper input validation bug in DNS resolver
component of Knot Resolver before 2.4.1 allows remote attacker to
poison cache." "Certain input files may trigger an integer overflow in
ttembed input file processing. This overflow could potentially lead to
corruption of the input file due to a lack of checking return codes of
fgetc/fputc function calls." "An input validation flaw exists in
ttembed. With a crafted input file, an attacker may be able to trigger
a denial of service condition due to ttembed trusting attacker
controlled values." "** RESERVED cvelist lib tardir usr This candidate
has been reserved by an organization or individual that will use it
when announcing a new security problem. When the candidate has been
publicized, the details for this candidate will be provided." "**
RESERVED cvelist lib tardir usr This candidate has been reserved by an
security problem. When the candidate has been publicized, the details
for this candidate will be provided." "It was discovered that
PostgreSQL versions before 10.5, 9.6.10, 9.5.14, 9.4.19, and 9.3.24
failed to properly check authorization on certain statements involved
with "INSERT ... ON CONFLICT DO UPDATE". An attacker with "CREATE
TABLE" privileges could exploit this to read arbitrary bytes server
memory. If the attacker also had certain "INSERT" and limited "UPDATE"
privileges to a particular table, they could exploit this to update
other columns in the same table." "** RESERVED cvelist lib tardir usr
This candidate has been reserved by an organization or individual that
will use it when announcing a new security problem. When the candidate
has been publicized, the details for this candidate will be provided."
"** RESERVED cvelist lib tardir usr This candidate has been reserved by
an organization or individual that will use it when announcing a new
security problem. When the candidate has been publicized, the details
for this candidate will be provided." "** RESERVED cvelist lib tardir
usr This candidate has been reserved by an organization or individual
that will use it when announcing a new security problem. When the
candidate has been publicized, the details for this candidate will be
provided." "** RESERVED cvelist lib tardir usr This candidate has been
reserved by an organization or individual that will use it when
announcing a new security problem. When the candidate has been
publicized, the details for this candidate will be provided.
* CVE-2018-1094
The ext4_fill_super function in fs/ext4/super.c in the Linux kernel
through 4.15.15 does not always initialize the crc32c checksum driver,
which allows attackers to cause a denial of service
crafted ext4 image." "The cdrom_ioctl_
attackers to use a incorrect bounds check in the CDROM driver
cvelist lib tardir usr This candidate has been reserved by an
security problem. When the candidate has been publicized, the details
for this candidate will be provided."
addon 1.6.9 for PrestaShop 1.4.0.1 through 1.6.1.18 allows remote
attackers to execute arbitrary code by uploading a .phtml file." "An
issue was discovered on Barco ClickShare CSE-200 and CS-100 Base Units
with firmware before 1.6.0.3. Sending an arbitrary unexpected string to
TCP port 7100 respecting a certain frequency timing disconnects all
clients and results in a crash of the Unit." "The request_dividend
function of a smart contract implementation for ROC (aka Rasputin
Online Coin), an Ethereum ERC20 token, allows attackers to steal all of
the contract's Ether." "The mg_handle_cgi function in mongoose.c in
Mongoose 6.11 allows remote attackers to cause a denial of service
(heap-based buffer over-read and application crash, or NULL pointer
"** RESERVED cvelist lib tardir usr This candidate has been reserved by
an organization or individual that will use it when announcing a new
security problem. When the candidate has been publicized, the details
for this candidate will be provided." "** RESERVED cvelist lib tardir
usr This candidate has been reserved by an organization or individual
that will use it when announcing a new security problem. When the
candidate has been publicized, the details for this candidate will be
provided." "** RESERVED cvelist lib tardir usr This candidate has been
reserved by an organization or individual that will use it when
announcing a new security problem. When the candidate has been
publicized, the details for this candidate will be provided." "mailboxd
in Zimbra Collaboration Suite 8.8 before 8.8.8; 8.7 before
Discrepancy between the "HTTP 404 - account is not active" and "HTTP
401 - must authenticate" errors.
* CVE-2018-11412
In the Linux kernel 4.13 through 4.16.11, ext4_read_
certain circumstances involving a crafted filesystem that stores the
system.data extended attribute value in a dedicated inode.
* CVE-2018-11506
The sr_do_ioctl function in drivers/
through 4.16.12 allows local users to cause a denial of service
because sense buffers have different sizes at the CDROM layer and the
SCSI layer, as demonstrated by a CDROMREADMODE2 ioctl call.
* CVE-2018-12233
In the ea_get function in fs/jfs/xattr.c in the Linux kernel through
4.17.1, a memory corruption bug in JFS can be triggered by calling
setxattr twice with two different extended attribute names on the same
file. This vulnerability can be triggered by an unprivileged user with
the ability to create files and execute programs. A kmalloc call is
incorrect, leading to slab-out-of-bounds in jfs_xattr.
* CVE-2018-13094
An issue was discovered in fs/xfs/
kernel through 4.17.3. An OOPS may occur for a corrupted xfs image
after xfs_da_
* CVE-2018-13405
The inode_init_owner function in fs/inode.c in the Linux kernel through
4.17.4 allows local users to create files with an unintended group
ownership, in a scenario where a directory is SGID to a certain group
and is writable by a user who is not a member of that group. Here, the
non-member can trigger creation of a plain file whose group ownership
is that group. The intended behavior was that the non-member can
trigger creation of a directory (but not a plain file) whose group
ownership is that group. The non-member can escalate privileges by
making the plain file executable and SGID.
* CVE-2018-13406
An integer overflow in the uvesafb_setcmap function in
result in local attackers being able to crash the kernel or potentially
elevate privileges because kmalloc_array is not used.
* CVE-2018-5390
Linux kernel versions 4.9+ can be forced to make very expensive calls
to tcp_collapse_
incoming packet which can lead to a denial of service.
* CVE-2018-5391
cvelist lib tardir usr RESERVED cvelist lib tardir usr This candidate
has been reserved by an organization or individual that will use it
when announcing a new security problem. When the candidate has been
publicized, the details for this candidate will be provided.
* CVE-2018-7755
An issue was discovered in the fd_locked_ioctl function in
driver will copy a kernel pointer to user memory in response to the
FDGETPRM ioctl. An attacker can send the FDGETPRM ioctl and use the
obtained kernel pointer to discover the location of kernel code and
data and bypass kernel security protections such as KASLR.
* CVE-2018-8087
Memory leak in the hwsim_new_radio_nl function in
4.15.9 allows local users to cause a denial of service (memory
andres@
Revision history for this message
|
#17 |
Are there any messages about livepatch in the system logs?
Revision history for this message
|
#18 |
did you mean this?
andres@
[sudo] password for andres:
NAME:
canonical-
USAGE:
canonical-
VERSION:
9.4.1
AUTHOR:
Canonical Livepatch Team
COMMANDS:
status show kernel's livepatch status
enable enable livepatching on the machine
disable disable livepatching on the machine
refresh immediately download and apply any available livepatch
config configure livepatching on the machine
help display help
GLOBAL OPTIONS:
--version, -v print the version
andres@
Revision history for this message
|
#19 |
I was referring to something like
dmesg | grep livepatch
snap logs canonical-livepatch
Revision history for this message
|
#20 |
SURE...
andres@
[ 3665.562037] audit: type=1400 audit(156110904
[ 3665.572067] audit: type=1400 audit(156110904
[ 3665.578716] audit: type=1400 audit(156110904
[ 3665.581189] audit: type=1400 audit(156110904
[ 3666.904289] audit: type=1400 audit(156110904
[ 3666.938168] audit: type=1400 audit(156110904
[ 3671.132819] audit: type=1400 audit(156110904
[ 3671.193280] audit: type=1400 audit(156110904
[ 3671.201790] audit: type=1400 audit(156110904
[ 3671.203778] audit: type=1400 audit(156110904
[ 3674.837497] audit: type=1400 audit(156110905
[ 3674.908657] audit: type=1400 audit(156110905
[ 3676.730939] audit: type=1400 audit(156110905
[ 3676.787212] audit: type=1400 audit(156110905
[ 3676.795555] audit: type=1400 audit(156110905
[ 3676.797734] audit: type=1400 audit(156110905
[ 3698.424873] audit: type=1400 audit(156110907
[ 3698.767448] audit: type=1400 audit(156110907
[ 3698.789512] audit: type=1400 audit(156110907
[ 3699.020342] audit: type=1400 audit(156110907
[ 3704.653353] audit: type=1400 audit(156110908
[ 3704.655584] audit: type=1400 audit(156110908
[ 3704.668448] audit: type=1400 audit(156110908
[ 3704.671493] audit: type=1400 audit(156110908
[ 3705.173469] audit: type=1400 audit(156110908
[ 3705.181827] audit: type=1400 audit(156110908
[ 3709.661114] audit: type=1400 audit(156110908
[ 3709.662915] audit: type=1400 audit(156110908
[ 3710.572869] audit: type=1400 audit(156110908
[ 3710.638986] audit: type=1400 audit(156110908
[ 3710.646867] audit: type=1400 audit(156110908
[ 3710.648991] audit: type=1400 audit(156110908
andres@
andres@
2019-06-
2019-06-
2019-06-
2019-06-
2019-06-
2019-06-
2019-06-
2019-06-
2019-06-
2019-06-
andres@
aah maan that does not look good
Revision history for this message
|
#21 |
seems to be the same problem as
https:/
I am sorry, but I do not have a solution.
Remark:
"required key not available" is an error message that is shown when secure-boot is enabled, but an unsigned kernel module should be loaded. I do not know whether this is related to your case.
Revision history for this message
|
#22 |
YEP exactly the same problem...well ill look around for more forums, i appreciate your help...thank you for helping me figure this out,,,)
Can you help with this problem?
Provide an answer of your own, or ask Andres Ounpuu for more information if necessary.